🔥 3-day streak
ISC2 CCSP — Certified Cloud Security Professional103 / 124
Question 103 of 124

A financial services company migrates several workloads to a public cloud provider using an Infrastructure as a Service (IaaS) model. During a security review, the CISO asks who is responsible for applying operating system security patches to the virtual machines running the company's applications. Under the standard cloud shared responsibility model for IaaS, who bears this responsibility?

Reviewed for accuracy · Report an issueNext question